1 dns inbound fail over, Before fail over, After fail over – PLANET MH-1000 User Manual

Multi-Homing Security Gateway User’s Manual

port by replying the selected WAN IP address through the built-in DNS server. The remote PC then

accesses the network via the specified WAN port. How MH-1000 directs this traffic through the built-in DNS

server depends on whether it is configured for Fail Over or Load Balancing.

Learn how to make DNS Inbound on MH-1000 work for you in the following section.

2.5.1 DNS Inbound Fail Over

MH-1000 can be configured to reply the WAN2 IP address for the DNS domain name request should

WAN1 fail.

Built-in DNS

S

192.168.2.2

192.168.2.3

FTP

HTTP

200.200.200.1

www.mydomain.com

200.200.200.1

Authoritative Domain Name Server

f

d

i

Before Fail Over

100.100.100.1

After Fail Over

100.100.100.1

DNS

DNS

Built-in DNS

S

192.168.2.2

192.168.2.3

1st connection

2

nd

connection

1st connection

2

nd

connection

www.mydomain.com

DNS

DNS

HTTP

FTP

In the above example, an FTP Server (IP_192.168.2.2) and an HTTP Server (IP_192.168.2.3) are

connected to the Internet via WAN1 (IP_200.200.200.1) on MH-1000. A remote computer is trying to

access these servers via the Internet, and makes a DNS request. The DNS request (

www.mydomain.com

)

will be sent through WAN1 (200.200.200.1) to the built-in DNS server. The DNS server will reply

200.200.200.1 because this is the only active WAN port. Should WAN1 fail, MH-1000 will instead reply with

WAN2’s IP address (100.100.100.1), and the remote PC will gain access to the network via WAN2. By

configuring MH-1000 for DNS Inbound Fail Over, incoming requests will enjoy increased reliability when

accessing your network.

Please refer to appendix D for example settings.

- 13 -